So we have an installation of AD FS 3.0 (Windows Server 2012 R2 role) and a configured relying party. The relying party configuration in AD FS has the appropriate endpoint configured to service logout requests (see attached pics).
A client would browse to: https://adfs.dmz.local/adfs/ls/?wa=wsignout1.0&wreply=https%3a%2f%2fportal.dmz.local%3a44303%2fLogout&wtrealm=https%3a%2f%2fportal.dmz.local%3a44303%2f
Instead of being redirected back to the relying party (via the wreply parameter), they are instead just left on the AD FS logout page.
Any ideas why AD FS would not be honouring the redirect? Note: whether the "trusted Url" is the same as the one above or not, the redirect doesn't work.
Edit: so I had this misconfigured entirely. The "Example" is incredibly misleading. This needs to be an endpoint implementing logout for SAML. As a result, this question isn't valid.
Best Answer
You are mixing things up. You are adding WS-Federation parameters in a SAML Protocol configuration box. That is wrong.
The wreply parameter is another story.